Vista Program – Cyber Security/Pentester Chantilly, VA
*Clearance: *Active TS/SCI w/ Polygraph needed to apply *
Company Overview:
Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.
Responsibilities:
Seeking a penetration tester for an Intelligence Community (IC) customer mission system. The successful candidate will perform vulnerability assessments and penetration testing following the customer’s prescribed scope statement with authorities derived from the customer’s Enterprise cyber security organization. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis. Specifically, the candidate will analyze mission systems to help assess vulnerability to compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open source tools.
Penetrate desktops, servers, applications, operating systems, and security systems to gain root/admin access
Provide black-box penetration testing utilizing tools and techniques to conduct cybersecurity evaluations for highly specialized network communication systems
Modify open source exploits to bypass/evade antivirus, firewalls, hardened systems, and IDS/IPS systems
Modify computer/system/network attacks, exploits, and Metasploit modules to create variations that evade detection
Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation for multiple targets
Hide digital artifacts and communications to evade antivirus, firewalls, IDS/IPS systems, Wireshark, and tcpdump
Work independently to analyze, research, and solve technical problems
Leverage existing business processes and document new repeatable business processes and procedures where necessary
Research external information on cybersecurity events, incidents, threats, and technical vulnerabilities
Qualifications
Bachelor’s degree (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field
Demonstrated 6 years experience in three or more specific areas to include: analysis, network engineering, networking security, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation.
Experience with Kali Linux and Metasploit tools
Experience with programming/scripting: Python, Powershell, Ruby, C, JavaScript, etc
Strong written and verbal communication skills, including ability to explain complex technical topics to non-technical audiences
Desired:
MS degree in Computer Science, Engineering, Computer Forensics, Network Security, or equivalent technical experience
4 years of exploit development, computer/network security, or network traffic analysis using analytical tools
Expert knowledge of networking components/devices and various OS/applications in Linux and Windows environments
At least one of the following certifications: CISSP, OSCP, CEH, CEPT, GPEN, EnCE, GASF, GSFE, or BLCE
